1 /*
2 * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8 #include "config_crypto.h"
9 #include "test_framework_helpers.h"
10 #include "tfm_secure_client_2_api.h"
11 #include "tfm_api.h"
12 #include "../crypto_tests_common.h"
13
14 /* List of tests */
15 static void tfm_crypto_test_1001(struct test_result_t *ret);
16 #ifdef TFM_CRYPTO_TEST_ALG_CBC
17 static void tfm_crypto_test_1002(struct test_result_t *ret);
18 #endif /* TFM_CRYPTO_TEST_ALG_CBC */
19 #ifdef TFM_CRYPTO_TEST_ALG_CFB
20 static void tfm_crypto_test_1003(struct test_result_t *ret);
21 #endif /* TFM_CRYPTO_TEST_ALG_CFB */
22 #ifdef TFM_CRYPTO_TEST_ALG_CTR
23 static void tfm_crypto_test_1005(struct test_result_t *ret);
24 static void tfm_crypto_test_1006(struct test_result_t *ret);
25 #endif /* TFM_CRYPTO_TEST_ALG_CTR */
26 static void tfm_crypto_test_1007(struct test_result_t *ret);
27 static void tfm_crypto_test_1008(struct test_result_t *ret);
28 #ifdef TFM_CRYPTO_TEST_ALG_CFB
29 static void tfm_crypto_test_1009(struct test_result_t *ret);
30 #endif /* TFM_CRYPTO_TEST_ALG_CFB */
31 static void tfm_crypto_test_1010(struct test_result_t *ret);
32 static void tfm_crypto_test_1011(struct test_result_t *ret);
33 static void tfm_crypto_test_1012(struct test_result_t *ret);
34 #ifdef TFM_CRYPTO_TEST_ALG_SHA_384
35 static void tfm_crypto_test_1013(struct test_result_t *ret);
36 #endif /* TFM_CRYPTO_TEST_ALG_SHA_384 */
37 #ifdef TFM_CRYPTO_TEST_ALG_SHA_512
38 static void tfm_crypto_test_1014(struct test_result_t *ret);
39 #endif /* TFM_CRYPTO_TEST_ALG_SHA_512 */
40 static void tfm_crypto_test_1019(struct test_result_t *ret);
41 static void tfm_crypto_test_1020(struct test_result_t *ret);
42 #ifdef TFM_CRYPTO_TEST_ALG_SHA_384
43 static void tfm_crypto_test_1021(struct test_result_t *ret);
44 #endif /* TFM_CRYPTO_TEST_ALG_SHA_384 */
45 #ifdef TFM_CRYPTO_TEST_ALG_SHA_512
46 static void tfm_crypto_test_1022(struct test_result_t *ret);
47 #endif /* TFM_CRYPTO_TEST_ALG_SHA_512 */
48 static void tfm_crypto_test_1024(struct test_result_t *ret);
49 #ifdef TFM_CRYPTO_TEST_ALG_CCM
50 static void tfm_crypto_test_1030(struct test_result_t *ret);
51 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
52 #ifdef TFM_CRYPTO_TEST_ALG_GCM
53 static void tfm_crypto_test_1031(struct test_result_t *ret);
54 #endif /* TFM_CRYPTO_TEST_ALG_GCM */
55 static void tfm_crypto_test_1032(struct test_result_t *ret);
56 static void tfm_crypto_test_1033(struct test_result_t *ret);
57 static void tfm_crypto_test_1034(struct test_result_t *ret);
58 static void tfm_crypto_test_1035(struct test_result_t *ret);
59 #ifdef TFM_CRYPTO_TEST_ALG_CCM
60 static void tfm_crypto_test_1036(struct test_result_t *ret);
61 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
62 static void tfm_crypto_test_1037(struct test_result_t *ret);
63 static void tfm_crypto_test_1038(struct test_result_t *ret);
64 #ifdef TFM_CRYPTO_TEST_HKDF
65 static void tfm_crypto_test_1039(struct test_result_t *ret);
66 #endif /* TFM_CRYPTO_TEST_HKDF */
67 #ifdef TFM_CRYPTO_TEST_ECDH
68 static void tfm_crypto_test_1040(struct test_result_t *ret);
69 #endif /* TFM_CRYPTO_TEST_ECDH */
70 #ifdef TFM_CRYPTO_TEST_ALG_OFB
71 static void tfm_crypto_test_1041(struct test_result_t *ret);
72 #endif /* TFM_CRYPTO_TEST_ALG_OFB */
73 #ifdef TFM_CRYPTO_TEST_ALG_ECB
74 static void tfm_crypto_test_1042(struct test_result_t *ret);
75 #endif /* TFM_CRYPTO_TEST_ALG_ECB */
76 #if CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED
77 static void tfm_crypto_test_1043(struct test_result_t *ret);
78 static void tfm_crypto_test_1044(struct test_result_t *ret);
79 static void tfm_crypto_test_1045(struct test_result_t *ret);
80 #endif /* CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED */
81 #ifdef TFM_CRYPTO_TEST_ALG_CBC
82 static void tfm_crypto_test_1046(struct test_result_t *ret);
83 static void tfm_crypto_test_1047(struct test_result_t *ret);
84 static void tfm_crypto_test_1048(struct test_result_t *ret);
85 #endif /* TFM_CRYPTO_TEST_ALG_CBC */
86 #ifdef TFM_CRYPTO_TEST_CHACHA20
87 static void tfm_crypto_test_1049(struct test_result_t *ret);
88 static void tfm_crypto_test_1051(struct test_result_t *ret);
89 #endif /* TFM_CRYPTO_TEST_CHACHA20 */
90 #ifdef TFM_CRYPTO_TEST_ALG_CHACHA20_POLY1305
91 static void tfm_crypto_test_1050(struct test_result_t *ret);
92 static void tfm_crypto_test_1052(struct test_result_t *ret);
93 #endif /* TFM_CRYPTO_TEST_ALG_CHACHA20_POLY1305 */
94 #ifdef TFM_CRYPTO_TEST_ALG_RSASSA_PSS_VERIFICATION
95 static void tfm_crypto_test_1053(struct test_result_t *ret);
96 #endif /* TFM_CRYPTO_TEST_ALG_RSASSA_PSS_VERIFICATION */
97
98 static struct test_t crypto_tests[] = {
99 {&tfm_crypto_test_1001, "TFM_S_CRYPTO_TEST_1001",
100 "Secure Key management interface"},
101 #ifdef TFM_CRYPTO_TEST_ALG_CBC
102 {&tfm_crypto_test_1002, "TFM_S_CRYPTO_TEST_1002",
103 "Secure Symmetric encryption (AES-128-CBC) interface"},
104 #endif /* TFM_CRYPTO_TEST_ALG_CBC */
105 #ifdef TFM_CRYPTO_TEST_ALG_CFB
106 {&tfm_crypto_test_1003, "TFM_S_CRYPTO_TEST_1003",
107 "Secure Symmetric encryption (AES-128-CFB) interface"},
108 #endif /* TFM_CRYPTO_TEST_ALG_CFB */
109 #ifdef TFM_CRYPTO_TEST_ALG_CTR
110 {&tfm_crypto_test_1005, "TFM_S_CRYPTO_TEST_1005",
111 "Secure Symmetric encryption (AES-128-CTR) interface"},
112 {&tfm_crypto_test_1006, "TFM_S_CRYPTO_TEST_1006",
113 "Secure Symmetric encryption (AES-256-CTR) interface"},
114 #endif /* TFM_CRYPTO_TEST_ALG_CTR */
115 {&tfm_crypto_test_1007, "TFM_S_CRYPTO_TEST_1007",
116 "Secure Symmetric encryption invalid cipher"},
117 {&tfm_crypto_test_1008, "TFM_S_CRYPTO_TEST_1008",
118 "Secure Symmetric encryption invalid cipher (AES-152)"},
119 #ifdef TFM_CRYPTO_TEST_ALG_CFB
120 {&tfm_crypto_test_1009, "TFM_S_CRYPTO_TEST_1009",
121 "Secure Symmetric encryption invalid cipher (HMAC-128-CFB)"},
122 #endif /* TFM_CRYPTO_TEST_ALG_CFB */
123 {&tfm_crypto_test_1010, "TFM_S_CRYPTO_TEST_1010",
124 "Secure Unsupported Hash (SHA-1) interface"},
125 {&tfm_crypto_test_1011, "TFM_S_CRYPTO_TEST_1011",
126 "Secure Hash (SHA-224) interface"},
127 {&tfm_crypto_test_1012, "TFM_S_CRYPTO_TEST_1012",
128 "Secure Hash (SHA-256) interface"},
129 #ifdef TFM_CRYPTO_TEST_ALG_SHA_384
130 {&tfm_crypto_test_1013, "TFM_S_CRYPTO_TEST_1013",
131 "Secure Hash (SHA-384) interface"},
132 #endif /* TFM_CRYPTO_TEST_ALG_SHA_384 */
133 #ifdef TFM_CRYPTO_TEST_ALG_SHA_512
134 {&tfm_crypto_test_1014, "TFM_S_CRYPTO_TEST_1014",
135 "Secure Hash (SHA-512) interface"},
136 #endif /* TFM_CRYPTO_TEST_ALG_SHA_512 */
137 {&tfm_crypto_test_1019, "TFM_S_CRYPTO_TEST_1019",
138 "Secure Unsupported HMAC (SHA-1) interface"},
139 {&tfm_crypto_test_1020, "TFM_S_CRYPTO_TEST_1020",
140 "Secure HMAC (SHA-256) interface"},
141 #ifdef TFM_CRYPTO_TEST_ALG_SHA_384
142 {&tfm_crypto_test_1021, "TFM_S_CRYPTO_TEST_1021",
143 "Secure HMAC (SHA-384) interface"},
144 #endif /* TFM_CRYPTO_TEST_ALG_SHA_384 */
145 #ifdef TFM_CRYPTO_TEST_ALG_SHA_512
146 {&tfm_crypto_test_1022, "TFM_S_CRYPTO_TEST_1022",
147 "Secure HMAC (SHA-512) interface"},
148 #endif /* TFM_CRYPTO_TEST_ALG_SHA_512 */
149 {&tfm_crypto_test_1024, "TFM_S_CRYPTO_TEST_1024",
150 "Secure HMAC with long key (SHA-224) interface"},
151 #ifdef TFM_CRYPTO_TEST_ALG_CCM
152 {&tfm_crypto_test_1030, "TFM_S_CRYPTO_TEST_1030",
153 "Secure AEAD (AES-128-CCM) interface"},
154 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
155 #ifdef TFM_CRYPTO_TEST_ALG_GCM
156 {&tfm_crypto_test_1031, "TFM_S_CRYPTO_TEST_1031",
157 "Secure AEAD (AES-128-GCM) interface"},
158 #endif /* TFM_CRYPTO_TEST_ALG_GCM */
159 {&tfm_crypto_test_1032, "TFM_S_CRYPTO_TEST_1032",
160 "Secure key policy interface"},
161 {&tfm_crypto_test_1033, "TFM_S_CRYPTO_TEST_1033",
162 "Secure key policy check permissions"},
163 {&tfm_crypto_test_1034, "TFM_S_CRYPTO_TEST_1034",
164 "Secure persistent key interface"},
165 {&tfm_crypto_test_1035, "TFM_S_CRYPTO_TEST_1035",
166 "Key access control"},
167 #ifdef TFM_CRYPTO_TEST_ALG_CCM
168 {&tfm_crypto_test_1036, "TFM_S_CRYPTO_TEST_1036",
169 "Secure AEAD interface with truncated auth tag (AES-128-CCM-8)"},
170 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
171 {&tfm_crypto_test_1037, "TFM_S_CRYPTO_TEST_1037",
172 "Secure TLS 1.2 PRF key derivation"},
173 {&tfm_crypto_test_1038, "TFM_S_CRYPTO_TEST_1038",
174 "Secure TLS-1.2 PSK-to-MasterSecret key derivation"},
175 #ifdef TFM_CRYPTO_TEST_HKDF
176 {&tfm_crypto_test_1039, "TFM_S_CRYPTO_TEST_1039",
177 "Secure HKDF key derivation"},
178 #endif /* TFM_CRYPTO_TEST_HKDF */
179 #ifdef TFM_CRYPTO_TEST_ECDH
180 {&tfm_crypto_test_1040, "TFM_S_CRYPTO_TEST_1040",
181 "Secure ECDH key agreement"},
182 #endif /* TFM_CRYPTO_TEST_ECDH */
183 #ifdef TFM_CRYPTO_TEST_ALG_OFB
184 {&tfm_crypto_test_1041, "TFM_S_CRYPTO_TEST_1041",
185 "Secure Symmetric encryption (AES-128-OFB) interface"},
186 #endif /* TFM_CRYPTO_TEST_ALG_OFB */
187 #ifdef TFM_CRYPTO_TEST_ALG_ECB
188 {&tfm_crypto_test_1042, "TFM_S_CRYPTO_TEST_1042",
189 "Secure Symmetric encryption (AES-128-ECB) interface"},
190 #endif /* TFM_CRYPTO_TEST_ALG_ECB */
191 #if CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED
192 {&tfm_crypto_test_1043, "TFM_S_CRYPTO_TEST_1043",
193 "Secure Asymmetric encryption interface (RSA-OAEP)"},
194 {&tfm_crypto_test_1044, "TFM_S_CRYPTO_TEST_1044",
195 "Secure Asymmetric encryption interface (RSA-PKCS1V15)"},
196 {&tfm_crypto_test_1045, "TFM_S_CRYPTO_TEST_1045",
197 "Secure Sign and verify message interface (ECDSA-SECP256R1-SHA256)"},
198 #endif /* CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED */
199 #ifdef TFM_CRYPTO_TEST_ALG_CBC
200 {&tfm_crypto_test_1046, "TFM_S_CRYPTO_TEST_1046",
201 "Secure Symmetric encryption (AES-128-CBC-PKCS7) interface"},
202 {&tfm_crypto_test_1047, "TFM_S_CRYPTO_TEST_1047",
203 "Secure Symmetric encryption (AES-128-CBC-PKCS7) interface, shorter"},
204 {&tfm_crypto_test_1048, "TFM_S_CRYPTO_TEST_1048",
205 "Secure Symmetric encryption (AES-128-CBC-PKCS7) interface, longer"},
206 #endif /* TFM_CRYPTO_TEST_ALG_CBC */
207 #ifdef TFM_CRYPTO_TEST_CHACHA20
208 {&tfm_crypto_test_1049, "TFM_S_CRYPTO_TEST_1049",
209 "Secure Symmetric encryption (CHACHA20) interface"},
210 #endif /* TFM_CRYPTO_TEST_CHACHA20 */
211 #ifdef TFM_CRYPTO_TEST_ALG_CHACHA20_POLY1305
212 {&tfm_crypto_test_1050, "TFM_S_CRYPTO_TEST_1050",
213 "Secure AEAD (CHACHA20-POLY1305) interface"},
214 #endif /* TFM_CRYPTO_TEST_ALG_CHACHA20_POLY1305 */
215 #ifdef TFM_CRYPTO_TEST_CHACHA20
216 {&tfm_crypto_test_1051, "TFM_S_CRYPTO_TEST_1051",
217 "Secure RFC7539 verification on Chacha20"},
218 #endif /* TFM_CRYPTO_TEST_CHACHA20 */
219 #ifdef TFM_CRYPTO_TEST_ALG_CHACHA20_POLY1305
220 {&tfm_crypto_test_1052, "TFM_S_CRYPTO_TEST_1052",
221 "Secure RFC7539 verification on Chacha20-Poly1305"},
222 #endif /* TFM_CRYPTO_TEST_ALG_CHACHA20_POLY1305 */
223 #ifdef TFM_CRYPTO_TEST_ALG_RSASSA_PSS_VERIFICATION
224 {&tfm_crypto_test_1053, "TFM_S_CRYPTO_TEST_1053",
225 "Secure RSASSA-PSS signature verification (RSASSA-PSS-SHA256)"},
226 #endif /* TFM_CRYPTO_TEST_ALG_RSASSA_PSS_VERIFICATION */
227 };
228
register_testsuite_s_crypto_interface(struct test_suite_t * p_test_suite)229 void register_testsuite_s_crypto_interface(struct test_suite_t *p_test_suite)
230 {
231 uint32_t list_size = (sizeof(crypto_tests) / sizeof(crypto_tests[0]));
232
233 set_testsuite("Crypto secure interface tests (TFM_S_CRYPTO_TEST_1XXX)",
234 crypto_tests, list_size, p_test_suite);
235 }
236
237 /**
238 * \brief Secure interface test for Crypto
239 *
240 * \details The scope of this set of tests is to functionally verify
241 * the interfaces specified by psa/crypto.h are working
242 * as expected. This is not meant to cover all possible
243 * scenarios and corner cases.
244 *
245 */
tfm_crypto_test_1001(struct test_result_t * ret)246 static void tfm_crypto_test_1001(struct test_result_t *ret)
247 {
248 psa_key_interface_test(PSA_KEY_TYPE_AES, ret);
249 }
250
251 #ifdef TFM_CRYPTO_TEST_ALG_CBC
tfm_crypto_test_1002(struct test_result_t * ret)252 static void tfm_crypto_test_1002(struct test_result_t *ret)
253 {
254 psa_cipher_test(PSA_KEY_TYPE_AES, PSA_ALG_CBC_NO_PADDING,
255 test_key_128, BIT_SIZE_TEST_KEY, ret);
256 }
257 #endif /* TFM_CRYPTO_TEST_ALG_CBC */
258
259 #ifdef TFM_CRYPTO_TEST_ALG_CFB
tfm_crypto_test_1003(struct test_result_t * ret)260 static void tfm_crypto_test_1003(struct test_result_t *ret)
261 {
262 psa_cipher_test(PSA_KEY_TYPE_AES, PSA_ALG_CFB,
263 test_key_128, BIT_SIZE_TEST_KEY, ret);
264 }
265 #endif /* TFM_CRYPTO_TEST_ALG_CFB */
266
267 #ifdef TFM_CRYPTO_TEST_ALG_CTR
tfm_crypto_test_1005(struct test_result_t * ret)268 static void tfm_crypto_test_1005(struct test_result_t *ret)
269 {
270 psa_cipher_test(PSA_KEY_TYPE_AES, PSA_ALG_CTR,
271 test_key_128, BIT_SIZE_TEST_KEY, ret);
272 }
273
tfm_crypto_test_1006(struct test_result_t * ret)274 static void tfm_crypto_test_1006(struct test_result_t *ret)
275 {
276 psa_cipher_test(PSA_KEY_TYPE_AES, PSA_ALG_CTR,
277 test_key_256, BIT_SIZE_TEST_LONG_KEY, ret);
278 }
279 #endif /* TFM_CRYPTO_TEST_ALG_CTR */
280
tfm_crypto_test_1007(struct test_result_t * ret)281 static void tfm_crypto_test_1007(struct test_result_t *ret)
282 {
283 psa_invalid_cipher_test(PSA_KEY_TYPE_AES, PSA_ALG_HMAC(PSA_ALG_SHA_256),
284 16, ret);
285 }
286
tfm_crypto_test_1008(struct test_result_t * ret)287 static void tfm_crypto_test_1008(struct test_result_t *ret)
288 {
289 psa_invalid_key_length_test(ret);
290 }
291
292 #ifdef TFM_CRYPTO_TEST_ALG_CFB
tfm_crypto_test_1009(struct test_result_t * ret)293 static void tfm_crypto_test_1009(struct test_result_t *ret)
294 {
295 /* HMAC is not a block cipher */
296 psa_invalid_cipher_test(PSA_KEY_TYPE_HMAC, PSA_ALG_CFB, 16, ret);
297 }
298 #endif /* TFM_CRYPTO_TEST_ALG_CFB */
299
tfm_crypto_test_1010(struct test_result_t * ret)300 static void tfm_crypto_test_1010(struct test_result_t *ret)
301 {
302 psa_unsupported_hash_test(PSA_ALG_SHA_1, ret);
303 }
304
tfm_crypto_test_1011(struct test_result_t * ret)305 static void tfm_crypto_test_1011(struct test_result_t *ret)
306 {
307 psa_hash_test(PSA_ALG_SHA_224, ret);
308 }
309
tfm_crypto_test_1012(struct test_result_t * ret)310 static void tfm_crypto_test_1012(struct test_result_t *ret)
311 {
312 psa_hash_test(PSA_ALG_SHA_256, ret);
313 }
314
315 #ifdef TFM_CRYPTO_TEST_ALG_SHA_384
tfm_crypto_test_1013(struct test_result_t * ret)316 static void tfm_crypto_test_1013(struct test_result_t *ret)
317 {
318 psa_hash_test(PSA_ALG_SHA_384, ret);
319 }
320 #endif /* TFM_CRYPTO_TEST_ALG_SHA_384 */
321
322 #ifdef TFM_CRYPTO_TEST_ALG_SHA_512
tfm_crypto_test_1014(struct test_result_t * ret)323 static void tfm_crypto_test_1014(struct test_result_t *ret)
324 {
325 psa_hash_test(PSA_ALG_SHA_512, ret);
326 }
327 #endif /* TFM_CRYPTO_TEST_ALG_SHA_512 */
328
tfm_crypto_test_1019(struct test_result_t * ret)329 static void tfm_crypto_test_1019(struct test_result_t *ret)
330 {
331 psa_unsupported_mac_test(PSA_KEY_TYPE_HMAC, PSA_ALG_HMAC(PSA_ALG_SHA_1),
332 ret);
333 }
334
tfm_crypto_test_1020(struct test_result_t * ret)335 static void tfm_crypto_test_1020(struct test_result_t *ret)
336 {
337 psa_mac_test(PSA_ALG_HMAC(PSA_ALG_SHA_256),
338 test_key_128, BIT_SIZE_TEST_KEY, ret);
339 }
340
341 #ifdef TFM_CRYPTO_TEST_ALG_SHA_384
tfm_crypto_test_1021(struct test_result_t * ret)342 static void tfm_crypto_test_1021(struct test_result_t *ret)
343 {
344 psa_mac_test(PSA_ALG_HMAC(PSA_ALG_SHA_384),
345 test_key_128, BIT_SIZE_TEST_KEY, ret);
346 }
347 #endif /* TFM_CRYPTO_TEST_ALG_SHA_384 */
348
349 #ifdef TFM_CRYPTO_TEST_ALG_SHA_512
tfm_crypto_test_1022(struct test_result_t * ret)350 static void tfm_crypto_test_1022(struct test_result_t *ret)
351 {
352 psa_mac_test(PSA_ALG_HMAC(PSA_ALG_SHA_512),
353 test_key_128, BIT_SIZE_TEST_KEY, ret);
354 }
355 #endif /* TFM_CRYPTO_TEST_ALG_SHA_512 */
356
tfm_crypto_test_1024(struct test_result_t * ret)357 static void tfm_crypto_test_1024(struct test_result_t *ret)
358 {
359 psa_mac_test(PSA_ALG_HMAC(PSA_ALG_SHA_224),
360 test_key_256, BIT_SIZE_TEST_LONG_KEY, ret);
361 }
362
363 #ifdef TFM_CRYPTO_TEST_ALG_CCM
tfm_crypto_test_1030(struct test_result_t * ret)364 static void tfm_crypto_test_1030(struct test_result_t *ret)
365 {
366 psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_CCM,
367 test_key_128, BIT_SIZE_TEST_KEY, ret);
368 }
369 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
370
371 #ifdef TFM_CRYPTO_TEST_ALG_GCM
tfm_crypto_test_1031(struct test_result_t * ret)372 static void tfm_crypto_test_1031(struct test_result_t *ret)
373 {
374 psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_GCM,
375 test_key_128, BIT_SIZE_TEST_KEY, ret);
376 }
377 #endif /* TFM_CRYPTO_TEST_ALG_GCM */
378
tfm_crypto_test_1032(struct test_result_t * ret)379 static void tfm_crypto_test_1032(struct test_result_t *ret)
380 {
381 psa_policy_key_interface_test(ret);
382 }
383
tfm_crypto_test_1033(struct test_result_t * ret)384 static void tfm_crypto_test_1033(struct test_result_t *ret)
385 {
386 psa_policy_invalid_policy_usage_test(ret);
387 }
388
tfm_crypto_test_1034(struct test_result_t * ret)389 static void tfm_crypto_test_1034(struct test_result_t *ret)
390 {
391 psa_persistent_key_test(1, ret);
392 }
393
394 /**
395 * \brief Tests key access control based on partition ID
396 *
397 * \param[out] ret Test result
398 */
tfm_crypto_test_1035(struct test_result_t * ret)399 static void tfm_crypto_test_1035(struct test_result_t *ret)
400 {
401 psa_status_t status;
402 psa_key_handle_t key_handle;
403 const uint8_t data[] = "THIS IS MY KEY1";
404 psa_key_attributes_t key_attributes = psa_key_attributes_init();
405
406 /* Set key sage and type */
407 psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_EXPORT);
408 psa_set_key_type(&key_attributes, PSA_KEY_TYPE_AES);
409
410 status = psa_import_key(&key_attributes, data, sizeof(data),
411 &key_handle);
412 if (status != PSA_SUCCESS) {
413 TEST_FAIL("Failed to import key");
414 return;
415 }
416
417 /* Attempt to destroy the key handle from the Secure Client 2 partition */
418 status = tfm_secure_client_2_call_test(
419 TFM_SECURE_CLIENT_2_ID_CRYPTO_ACCESS_CTRL,
420 &key_handle, sizeof(key_handle));
421 if (status != PSA_ERROR_INVALID_HANDLE) {
422 TEST_FAIL("Should not be able to destroy key from another partition");
423 return;
424 }
425
426 /* Destroy the key */
427 status = psa_destroy_key(key_handle);
428 if (status != PSA_SUCCESS) {
429 TEST_FAIL("Error destroying a key");
430 }
431 }
432
433 #ifdef TFM_CRYPTO_TEST_ALG_CCM
tfm_crypto_test_1036(struct test_result_t * ret)434 static void tfm_crypto_test_1036(struct test_result_t *ret)
435 {
436
437 psa_algorithm_t alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(
438 PSA_ALG_CCM, TRUNCATED_AUTH_TAG_LEN);
439
440 psa_aead_test(PSA_KEY_TYPE_AES, alg,
441 test_key_128, BIT_SIZE_TEST_KEY, ret);
442 }
443 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
444
tfm_crypto_test_1037(struct test_result_t * ret)445 static void tfm_crypto_test_1037(struct test_result_t *ret)
446 {
447 psa_key_derivation_test(PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256), ret);
448 }
449
tfm_crypto_test_1038(struct test_result_t * ret)450 static void tfm_crypto_test_1038(struct test_result_t *ret)
451 {
452 psa_key_derivation_test(PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256), ret);
453 }
454
455 #ifdef TFM_CRYPTO_TEST_HKDF
tfm_crypto_test_1039(struct test_result_t * ret)456 static void tfm_crypto_test_1039(struct test_result_t *ret)
457 {
458 psa_key_derivation_test(PSA_ALG_HKDF(PSA_ALG_SHA_256), ret);
459 }
460 #endif /* TFM_CRYPTO_TEST_HKDF */
461
462 #ifdef TFM_CRYPTO_TEST_ECDH
tfm_crypto_test_1040(struct test_result_t * ret)463 static void tfm_crypto_test_1040(struct test_result_t *ret)
464 {
465 psa_key_agreement_test(PSA_ALG_ECDH, ret);
466 }
467 #endif /* TFM_CRYPTO_TEST_ECDH */
468
469 #ifdef TFM_CRYPTO_TEST_ALG_OFB
tfm_crypto_test_1041(struct test_result_t * ret)470 static void tfm_crypto_test_1041(struct test_result_t *ret)
471 {
472 psa_cipher_test(PSA_KEY_TYPE_AES, PSA_ALG_OFB,
473 test_key_128, BIT_SIZE_TEST_KEY, ret);
474 }
475 #endif /* TFM_CRYPTO_TEST_ALG_OFB */
476
477 #ifdef TFM_CRYPTO_TEST_ALG_ECB
tfm_crypto_test_1042(struct test_result_t * ret)478 static void tfm_crypto_test_1042(struct test_result_t *ret)
479 {
480 psa_cipher_test(PSA_KEY_TYPE_AES, PSA_ALG_ECB_NO_PADDING,
481 test_key_128, BIT_SIZE_TEST_KEY, ret);
482 }
483 #endif /* TFM_CRYPTO_TEST_ALG_ECB */
484
485 #if CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED
tfm_crypto_test_1043(struct test_result_t * ret)486 static void tfm_crypto_test_1043(struct test_result_t *ret)
487 {
488 psa_asymmetric_encryption_test(PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256), ret);
489 }
490
tfm_crypto_test_1044(struct test_result_t * ret)491 static void tfm_crypto_test_1044(struct test_result_t *ret)
492 {
493 psa_asymmetric_encryption_test(PSA_ALG_RSA_PKCS1V15_CRYPT, ret);
494 }
495
tfm_crypto_test_1045(struct test_result_t * ret)496 static void tfm_crypto_test_1045(struct test_result_t *ret)
497 {
498 psa_sign_verify_message_test(
499 PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256), ret);
500 }
501 #endif /* CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED */
502
503 #ifdef TFM_CRYPTO_TEST_ALG_CBC
tfm_crypto_test_1046(struct test_result_t * ret)504 static void tfm_crypto_test_1046(struct test_result_t *ret)
505 {
506 psa_cipher_test(PSA_KEY_TYPE_AES, PSA_ALG_CBC_PKCS7,
507 test_key_128, BIT_SIZE_TEST_KEY, ret);
508 }
509
tfm_crypto_test_1047(struct test_result_t * ret)510 static void tfm_crypto_test_1047(struct test_result_t *ret)
511 {
512 psa_cipher_padded_modes_test(PSA_KEY_TYPE_AES, PSA_ALG_CBC_PKCS7, 12, ret);
513 }
514
tfm_crypto_test_1048(struct test_result_t * ret)515 static void tfm_crypto_test_1048(struct test_result_t *ret)
516 {
517 psa_cipher_padded_modes_test(PSA_KEY_TYPE_AES, PSA_ALG_CBC_PKCS7, 20, ret);
518 }
519 #endif /* TFM_CRYPTO_TEST_ALG_CBC */
520
521 #ifdef TFM_CRYPTO_TEST_CHACHA20
tfm_crypto_test_1049(struct test_result_t * ret)522 static void tfm_crypto_test_1049(struct test_result_t *ret)
523 {
524 psa_cipher_test(PSA_KEY_TYPE_CHACHA20, PSA_ALG_STREAM_CIPHER,
525 test_key_256, BIT_SIZE_TEST_LONG_KEY, ret);
526 }
527
tfm_crypto_test_1051(struct test_result_t * ret)528 static void tfm_crypto_test_1051(struct test_result_t *ret)
529 {
530 psa_cipher_rfc7539_test(ret);
531 }
532 #endif /* TFM_CRYPTO_TEST_CHACHA20 */
533
534 #ifdef TFM_CRYPTO_TEST_ALG_CHACHA20_POLY1305
tfm_crypto_test_1050(struct test_result_t * ret)535 static void tfm_crypto_test_1050(struct test_result_t *ret)
536 {
537 psa_aead_test(PSA_KEY_TYPE_CHACHA20, PSA_ALG_CHACHA20_POLY1305,
538 test_key_256, BIT_SIZE_TEST_LONG_KEY, ret);
539 }
540
tfm_crypto_test_1052(struct test_result_t * ret)541 static void tfm_crypto_test_1052(struct test_result_t *ret)
542 {
543 psa_aead_rfc7539_test(ret);
544 }
545 #endif /* TFM_CRYPTO_TEST_ALG_CHACHA20_POLY1305 */
546
547 #ifdef TFM_CRYPTO_TEST_ALG_RSASSA_PSS_VERIFICATION
tfm_crypto_test_1053(struct test_result_t * ret)548 static void tfm_crypto_test_1053(struct test_result_t *ret)
549 {
550 psa_verify_rsassa_pss_test(ret);
551 }
552 #endif /* TFM_CRYPTO_TEST_ALG_RSASSA_PSS_VERIFICATION */
553
